package com.dries.security.app.config;

import com.dries.security.app.authentication.openid.OpenIdAuthenticationSecurityConfig;
import com.dries.security.core.authentication.mobile.SmsCodeAuthenticationSecurityConfig;
import com.dries.security.core.authorize.AuthorizeConfigManager;
import com.dries.security.core.config.FormAuthenticationConfig;
import com.dries.security.core.validate.code.ValidateCodeSecurityConfig;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.social.security.SpringSocialConfigurer;

import javax.annotation.Resource;

/**
 * @Description:
 * @Author ZSY
 * @createTime 2020/9/18 17:33
 */
@Configuration
@EnableResourceServer
public class DriesResourceServerConfig extends ResourceServerConfigurerAdapter {

    @Resource
    private ValidateCodeSecurityConfig validateCodeSecurityConfig;
    @Resource
    private SmsCodeAuthenticationSecurityConfig smsCodeAuthenticationSecurityConfig;
    @Resource
    private OpenIdAuthenticationSecurityConfig openIdAuthenticationSecurityConfig;
    @Resource
    private SpringSocialConfigurer driesSpringSocialConfig;
    @Resource
    private FormAuthenticationConfig formAuthenticationConfig;
    @Resource
    private AuthorizeConfigManager authorizeConfigManager;


    @Override
    public void configure(HttpSecurity http) throws Exception {

        formAuthenticationConfig.configure(http);

        http.apply(validateCodeSecurityConfig)
                .and()
                .apply(smsCodeAuthenticationSecurityConfig)
                .and()
                .apply(driesSpringSocialConfig)
                .and()
                .apply(openIdAuthenticationSecurityConfig)
                .and().csrf().disable();

        authorizeConfigManager.config(http.authorizeRequests());
    }
}
